This role is for an experienced consultant who has a strong background in digital forensics along with understanding of one or more of the following areas: computer security, penetration testing, programming, Incident Response, PCI-DSS QSA / PFI, or Cyber Security Training.
The candidate will need to have a good consulting background, be at ease when dealing with customers, be self-motivated and able to work unsupervised and deal with incidents at short notice.
Salary and package will be dependent on previous experience, attitude and future potential, the role will be based predominantly from the Cambridge office, with some home working where necessary, and will involve some travel throughout the UK and Europe.
The role can and will encompass a variety of topics including PCI DSS, security training, incident response, digital forensics, PCI and corporate breach investigations. Anything from forensic investigative tasks, conducting ‘on-site’ consultancy, acquisition of forensic evidence, report writing, developing new business, training clients, writing code and hacking code.
Other topics you may get exposed to include security assessments, malware analysis, litigation support, cardholder data discovery, penetration testing, code analysis, program tool development and training.
Where required training and hands on practical work in the areas of information security, forensics, and PCI-DSS will be provided, however this role is for an experienced forensic professional. Applicants must be flexible, proactive, self-starting and able to work as part of a team and independently.
The following skills are essential, applicants should have experience of commercial digital forensics, incident response, general information security as well as:
- Experience of conducting forensic imaging and acquisition of computer and storage media both dead box, live and remotely
- Experience with standard forensic toolsets and mainstream commercial tools e.g. EnCase, FTK, DD, WFT, Nuix, Incident Response Tools, Linux Forensic tools etc
- Experience with different operating systems such as Linux / Windows / Mac Operating
- Experience of analysing forensic evidence, report writing and the ability to communicate complex technical data to the lay person is also a must have
- The role will also include onsite customer visits, so the applicant must have the ability to travel, sometimes at short notice and may include overnight stays when necessary
The following skills are desirable but not essential:
- Knowledge of Security Operation Centres (SOCs)
- Incident Response / First Responder Training
- Experience of conducting PCI DSS Audits and knowledge of the PCI Data Security Standard
- Knowledge of programming
- Experience of infrastructure penetration testing, web application penetration testing, host based audits, configuration / code / architecture reviews
- Malware analysis and reverse engineering
If you are interested in finding out more information regarding this exciting opportunity, then please send your CV and a covering letter (demonstrating why you are the right candidate) to: Jobs@3BDataSecurity.com